Blocking user agents

We’re getting hammered by a bot called Bytespider at present, which is coming in from dozens of different AWS IP addresses. I’d like to try and block this user agent in WAF > Tools > User Agent Blocking but I’m not sure of the correct format of the rule. I’ve tried the following:

(http.user_agent contains “Bytespider”)


Mozilla/5.0 (compatible;+Bytespider;[email protected])

But from our IIS logs it seems the traffic is still making it to our server. Are any of the 3 rules shown above configured correctly to block user agent Bytespider?



Hi @mark.jacobs

Try and create a custom firewall rule where you block on user agent (contains) Bytespider. This should solve your issue.

Thanks Louise, that’s working perfectly!